Seminar held to discuss cloud legislation in UAE

The legal and business community desire certainty over data protection laws related to cloud.

The UAE Institute of Judicial Training and Studies in conjunction with Eversheds and Microsoft has hosted a seminar to discuss the status of data protection legislation for cloud computing in the region.

The seminar addressed the challenges of data protection in the cloud computing era, the importance of protecting data and the current state of legislation in the region and in other countries. More than 50 legal experts, members of the Judiciary, Government and Industry attended the event.

Nasser Ali Khasawneh, regional managing partner of law firm Eversheds in the Middle East commented: “As the preeminent commercial hub in the region and incubator of many tech start-ups, the UAE already leads the way in many respects with regards to the use of cloud computing under the current privacy and data protections offered by way of various laws. The addition of any further regulations based on international best practice, such as the ISO 27018 or EU directive 95/46/EC will further strengthen its leadership position and provide the certainty desired by much of the legal and business community.”

Dr Kamali, director general at the ITJS and Minister of Justice opened the event with an address, highlighting the key themes of the seminar including the importance of enhancing the legislative legal infrastructure to spur the growth of cloud computing.

Nasser Ali Khasawneh, presented a review of data protection issues in the UAE and also analysed matters relating to international best practice. He addressed the status of data protection regulations in the legal system in UAE, the GCC, and in other countries with particular focus on the experience of the EU. He also discussed the EU 95/46/EC directive, and the role of ISO standards in shaping data protection on the cloud.

The seminar also highlighted different ISO standards including ISO 27001 for security and focused on the new ISO standard 27018 that has set a number of key directives to ensure data protection on the cloud in motion, including transparency, external audit, user consent and retention and deletion periods.